Rod Ends
|
 posted on 19/6/21 at 04:23 PM |
|
|
Protect your health data
England’s NHS plans to share patient records with third parties
55m patients have until June 23 to opt out of having their health data scraped into a new database
England’s NHS is preparing to scrape the medical histories of 55m patients, including sensitive information on mental and sexual health,
criminal records and abuse, into a database it will share with third parties.
https://www.ft.com/content/9fee812f-6975-49ce-915c-aeb25d3dd748
|
|
|
|
|
SteveWalker
|
| posted on 19/6/21 at 04:43 PM |
|
|
The date has been put back two months.
The data will be anonymised, but there are questions over whether there is still enough detail to identify individuals.
It is however a uniquely valuable resource. Other countries do not have the NHS's uniquely comprehensive data set, which could allow valuable
research. For instance, it is known that people who have been sexually abused or assaulted have a higher incidence of mental health problems, but just
how much higher than average? Does the age at which or period of time they were abused for make a difference? How effective have therapies been? In
other areas, can incipient diabetes be spotted and avoided by looking for some, as yet unnoticed, very early signs. What correlation is there between
multiple conditions, etc.. Only comprehensive medical data will allow this.
I want my data to be used to develop medicines, treatments, diagnostic techniques, etc., but I do not want to be identifiable.
|
|
|
chillis
|
| posted on 19/6/21 at 08:02 PM |
|
|
That old chestnut the 'anonymised data'. Which is never anonymised only pseudonymised.
According to my GP surgery they are being required only to redact the name & address, so your NHS number will still be attached to your file,
seemingly because without being able to relate the data to the individual the data has limited value (one assumes the full value is in the full data
so the third parties can plague you with unwanted emails and other scams) A government whose home office tells us it is trying to protect us from
cybercrime while the health dept. is selling the data that cybercriminals want.
[Edited on 19/6/21 by chillis]
Never under estimate the ingenuity of an idiot!
|
|
|
chillis
|
| posted on 19/6/21 at 08:29 PM |
|
|
Don't get me wrong, I'm not against my genuinely anonymised data being used for good, but when the Government wants to sell your data to
third parties who don't have to disclose what they will do with your data no good will come of it. the Government sold our electoral register
data to whoever wanted to buy it so its not like the Gov don't have form!
The NHS already supplies proper anonymised data to uni's and genuine research org's following the data protection guidelines so the
information is available to support the advancement of medicine in all its forms. The Government doesn't get any money from that though and I
think that's the key point here, the Gov. are selling all of our private info and were hoping we wouldn't notice, hence why it is
important to send in the form to stop them from doing this.
Never under estimate the ingenuity of an idiot!
|
|
|
BenB
|
| posted on 20/6/21 at 08:52 PM |
|
|
quote:
Originally posted by chillis
That old chestnut the 'anonymised data'. Which is never anonymised only pseudonymised.
According to my GP surgery they are being required only to redact the name & address, so your NHS number will still be attached to your file,
seemingly because without being able to relate the data to the individual the data has limited value (one assumes the full value is in the full data
so the third parties can plague you with unwanted emails and other scams) A government whose home office tells us it is trying to protect us from
cybercrime while the health dept. is selling the data that cybercriminals want.
[Edited on 19/6/21 by chillis]
Don't know who you spoke to at the GP surgery but they were talking bollocks.
As ex digital lead for about 100,000 patients and Information Governance lead at a 20,000 patient practice I might be in a position to shed some light
here.
There's no redaction at all going on at practice level, any anonymisiation, psuedoanonymisation or otherwise takes place after the data
extraction by NHS Digital.
It's incredibly unlikely that patients will get scams and unwanted e-mails as a result of this system- I think that's just missing both
the point of the service and the concerns surrounding it.
If / when 3rd parties are given access to the dataset (at a cost) NHS Digital will retain the key to reveal true patient identity.
Ultimately for the moment there's nothing that needs to be done as it's been pushed back and ideally patients would elect to go for the
online type 2 opt-out as this doesn't impact on General Practice provision and if there's one thing we really don't need right now
it's a great cohort of people worrying about what might happen to their data in a number of months time. At the moment GP practices are being
wacked with a bigger workload even then during the second Covid spike six months ago. I've never known anything like it in my life. It'
just unreal. We're being walloped by the third wave, we've still got minimal access to diagnostics at the hospital and yet all the
problems that the patients have held off coming in with during the "peak" (even though we're in another one now) are coming home to
roost so we're being slammed there also.
I absolutely understand the concerns people have regarding this data extract and I share them. Equally, I think for the most part a type 2
"National Opt-out" is going to be (at leasti in the short term) the best option- it lodges a formal objection to the intented use while
not unecessarily interfering with what General Practices should be doing. It's also worth knowing that the BMA and GPC (GP committee) are
looking at more appropriate options such as the type 1 opt-out being remotely actioned.
Personally I think whether patients opt-out or not it's only a matter of time before their data gets out there somehow. You only have to look at
the writing on the wall. Tory panel recently decided that GDPR was far too complicated and prevented innovation (IE they want to ditch it) and
companies are finding many ways of getting the data without use of a national system such as that e.g. couple of years back our local hospital
(covering approx half a million patients) gave Google access to our entire hospital records without prior discussion. The local healthcare
"landscape" where I am recently turned the other way while a group of 20 practices were sold to the US's biggest provider of medical
insurance. The 20 practices just happen to provide all the out-of-hours provision and therefore have access to the entire medical records of 250,000
patients.....
I'm certainly no fan of NHS Digital nor the government and I have significant concerns about the intended extraction, I just believe at this
point patients en masse contacting (in some cases repeatidly) practices regarding this matter is ultimately going to not have the intended effect and
will have unintended adverse consequences.
In truth NHS Digital are tiny. They're almost totally reliant on private companies with vested interests and significant sway within the
government (by virtue of lobbying).
Oh well, soon this will all be under the control of Dido Harding and won't that be wonderful. I mean 10 years or so as the Chief Executive of
TalkTalk with it's horrendous customer service and the infamous hack. Then straight into Track + Trace and the pille of shite that is / was.
Great person to be in charge of the NHS.
|
|
|
coyoteboy
|
| posted on 20/6/21 at 08:54 PM |
|
|
I think the key here is we should be being told ##exactly## how the data is anonymised and presented and who it's sold to, in what form.
Without that, it's just guesswork
|
|
|
BenB
|
| posted on 20/6/21 at 11:05 PM |
|
|
quote:
Originally posted by coyoteboy
I think the key here is we should be being told ##exactly## how the data is anonymised and presented and who it's sold to, in what form.
Without that, it's just guesswork
Absolutely. Rather impossible to make an informed decision without it. I personally believe this kind of things should be opt-in. I know this would
result in very few people's data being available however the standard GDPR model is informed consent and it feels odd that both care.data and
now this new data extract are "opt-out" when there's little information on which to make the decision. Thankfully there's time
yet for these issues to be resolved.
|
|
|
